Merge pull request #51 from lwch/dev

v0.11.0

Author: lwch

.github/workflows/build.yml

@@ -22,7 +22,6 @@ jobs:
           - macos-11
           - macos-12
         go:
-          - '1.16'
           - '1.17'
           - '1.18'
           - '1.19'

CHANGELOG.md

@@ -156,4 +156,15 @@
 # v0.10.5
 
 1. 修改注册系统服务时的配置项
-2. 升级第三方库
+2. 升级第三方库
+
+# v0.11.0
+
+1. 修改握手时的签名算法
+2. go版本升级到1.19.1
+3. AdminLTE库升级到3.2.0
+4. bootstrap库升级到4.6.2
+5. jquery库升级到3.6.1
+6. xterm.js库升级到5.0.0
+7. fontawesome库升级到6.2.0
+8. 去除go1.16的支持

build

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-VERSION=0.10.5
+VERSION=0.11.0
 
 DOCKER_BUILDKIT=1 docker build -t natpass -f contrib/build/Dockerfile .
 docker run --rm \

build_all

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-VERSION=0.10.5
+VERSION=0.11.0
 
 DOCKER_BUILDKIT=1 docker build -t natpass -f contrib/build/Dockerfile .
 docker run --rm \

code/client/conn/conn.go

@@ -103,7 +103,7 @@ func writeHandshake(conn *network.Conn, cfg *global.Configure) error {
 	msg.To = "server"
 	msg.Payload = &network.Msg_Hsp{
 		Hsp: &network.HandshakePayload{
-			Enc: cfg.Enc[:],
+			Enc: cfg.Hasher.Hash(),
 		},
 	}
 	return conn.WriteMessage(&msg, 5*time.Second)

code/client/global/conf.go

@@ -1,12 +1,12 @@
 package global
 
 import (
-	"crypto/md5"
 	"fmt"
 	"os"
 	"path/filepath"
 	"time"
 
+	"github.com/lwch/natpass/code/hash"
 	"github.com/lwch/natpass/code/utils"
 	"github.com/lwch/runtime"
 	"github.com/lwch/yaml"
@@ -32,7 +32,7 @@ type Configure struct {
 	Server           string
 	UseSSL           bool
 	SSLInsecure      bool
-	Enc              [md5.Size]byte
+	Hasher           *hash.Hasher
 	Links            int
 	LogDir           string
 	LogSize          utils.Bytes
@@ -103,7 +103,7 @@ func LoadConf(dir string) *Configure {
 		Server:           cfg.Server,
 		UseSSL:           cfg.SSL.Enabled,
 		SSLInsecure:      cfg.SSL.Insecure,
-		Enc:              md5.Sum([]byte(cfg.Secret)),
+		Hasher:           hash.New(cfg.Secret, 60),
 		ReadTimeout:      cfg.Link.ReadTimeout,
 		WriteTimeout:     cfg.Link.WriteTimeout,
 		LogDir:           cfg.Log.Dir,

code/hash/hash.go

@@ -0,0 +1,43 @@
+package hash
+
+import (
+	"crypto/hmac"
+	"crypto/sha512"
+	"encoding/binary"
+	"hash"
+	"math"
+	"sync"
+	"time"
+)
+
+// Hasher hasher for handshake
+type Hasher struct {
+	sync.Mutex
+	period uint
+	h      hash.Hash
+}
+
+// New create hasher
+func New(secret string, period uint) *Hasher {
+	if period == 0 {
+		period = 30
+	}
+	return &Hasher{
+		period: period,
+		h:      hmac.New(sha512.New, []byte(secret)),
+	}
+}
+
+// Hash hash func
+func (h *Hasher) Hash() []byte {
+	now := time.Now()
+	i := math.Floor(float64(now.Unix()) / float64(h.period))
+	var buf [8]byte
+	binary.BigEndian.PutUint64(buf[:], uint64(i))
+	h.Lock()
+	defer h.Unlock()
+	h.h.Reset()
+	h.h.Write(buf[:])
+	ret := h.h.Sum(nil)
+	return ret
+}

code/server/global/conf.go

@@ -1,11 +1,11 @@
 package global
 
 import (
-	"crypto/md5"
 	"os"
 	"path/filepath"
 	"time"
 
+	"github.com/lwch/natpass/code/hash"
 	"github.com/lwch/natpass/code/utils"
 	"github.com/lwch/runtime"
 	"github.com/lwch/yaml"
@@ -14,7 +14,7 @@ import (
 // Configure server configure
 type Configure struct {
 	Listen       uint16
-	Enc          [md5.Size]byte
+	Hasher       *hash.Hasher
 	TLSKey       string
 	TLSCrt       string
 	ReadTimeout  time.Duration
@@ -51,7 +51,7 @@ func LoadConf(dir string) *Configure {
 	}
 	return &Configure{
 		Listen:       cfg.Listen,
-		Enc:          md5.Sum([]byte(cfg.Secret)),
+		Hasher:       hash.New(cfg.Secret, 60),
 		TLSKey:       cfg.TLS.Key,
 		TLSCrt:       cfg.TLS.Crt,
 		ReadTimeout:  cfg.Link.ReadTimeout,

code/server/handler/handler.go

@@ -91,7 +91,7 @@ func (h *Handler) readHandshake(c *network.Conn) (string, error) {
 	if msg.GetXType() != network.Msg_handshake {
 		return "", errNotHandshake
 	}
-	n := bytes.Compare(msg.GetHsp().GetEnc(), h.cfg.Enc[:])
+	n := bytes.Compare(msg.GetHsp().GetEnc(), h.cfg.Hasher.Hash())
 	if n != 0 {
 		return "", errInvalidHandshake
 	}

contrib/build/Dockerfile

@@ -1,5 +1,5 @@
 ARG APT_MIRROR=mirrors.ustc.edu.cn
-ARG GO_VERSION=1.19
+ARG GO_VERSION=1.19.1
 ARG GO_PROXY=https://goproxy.cn,direct
 
 FROM lwch/darwin-crosscompiler:11.3